The degree of concern and comment aboutidentity cardsin the UK
makesAtos Originwonder whether during the
debate the plot has been lost. Our concern is that two different
issues, secure individual identification and customer information
collection, have been rolled together. In the ensuing polarised
debate, a risk has arisen of chucking the baby out with the bath
water if the scheme is stopped. This could have major implications
for
identity management and personal data management in
general.
The issues at the national level are perhaps the result of
problems unwittingly generated by past IT industry activity, where
identity management and privacy have not been managed as tightly as
they might.
To date the debate has been that individuals are losing their
privacy through technologically enabled surveillance. The ID card
has been held up as another step towards enabling greater
surveillance. The other side of the debate states that we must
trade some privacy to achieve security.
Loss of privacy for security need not necessarily happen. In
fact, identity cards and their reference system, properly designed,
represent the chance for the individual to take control and
safeguard their identity. It can provide a necessary new public
proof of identity mechanism, one that will work in many modern
situations.
The IT industry needs to show that achieving enhanced
identification will not increase surveillance. We must collectively
design and regulate its use with personal privacy as a clear
objective. The ID card itself should be regarded as a token much as
we accept credit and debit cards and should not be an issue unless
there is invasive tracking of its use.
The principal objection is the collection and collation of
personal data to establish an identity and then subsequently
maintaining personal details for the benefit of joined up
government. Our experience suggests that once an IT enabled
identity has been established there is no need to store these
personal details. In fact maintaining separation of data across
systems which have been accurately cross referenced aids on-going
personal data security. Secure cross referencing still allows
information to be drawn together on a controlled and as-needed
basis. The option remains for the individual to agree to it being
aggregated and shared if it benefits them.
We believe there are two key scheme components to be define when
managing identity and personal data: first, how we manage, operate
and control access to identification services, and second,
separately, how transactional or general customer information is
securely managed and accessed. Clear separation of these components
to ensure personal privacy must be established from the outset of
any scheme or system.
Our experience leads us to conclude that personal privacy
requirements can be safeguarded through good IT design for all
identity management projects, whether for a business or for the new
UK ID card. Use of technologies such as biometrics, encryption,
proper use of pseudonyms, and digital certificates can support this
as evidenced in Austria. However, technology must be coupled with
strong processes for regulation of identity services and personal
data handling to deliver improved personal privacy and
security.
Steve Baldry is principal consultant at Atos
Consulting